Headline

GHSA-v9hf-5j83-6xpp: PyMySQL SQL Injection vulnerability

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict.

5 months ago

ghsa

Open in Source

#sql #vulnerability #js #git

PyMySQL SQL Injection vulnerability

Critical severity GitHub Reviewed Published May 21, 2024 to the GitHub Advisory Database • Updated May 21, 2024

Related news

Red Hat Security Advisory 2024-4245-03

Red Hat Security Advisory 2024-4245-03 - An update for python3 is now available for Red Hat Enterprise Linux 8. Issues addressed include a remote SQL injection vulnerability.

4 months ago

Packet Storm

Open in Source

#sql #vulnerability #linux #red_hat #js

Red Hat Security Advisory 2024-4244-03

Red Hat Security Advisory 2024-4244-03 - An update for python3.11-PyMySQL is now available for Red Hat Enterprise Linux 8. Issues addressed include a remote SQL injection vulnerability.

4 months ago

Packet Storm

Open in Source

#sql #vulnerability #linux #red_hat #js

Ubuntu Security Notice USN-6801-1

Ubuntu Security Notice 6801-1 - It was discovered that PyMySQL incorrectly escaped untrusted JSON input. An attacker could possibly use this issue to perform SQL injection attacks.

5 months ago

Packet Storm

Open in Source

#sql #vulnerability #ubuntu #js

Debian Security Advisory 5700-1

Debian Linux Security Advisory 5700-1 - An SQL injection was discovered in pymysql, a pure Python MySQL driver.

5 months ago

Packet Storm

Open in Source

#sql #ios #linux #debian #js